JSI Tip 8182. The Windows 2000 CHKDSK utility incorrectly deletes in-use security descriptors?

When you run CHKDSK with either the /F or /R switch, some ACLs (Access Control Lists) may be reset to their default values, or security descriptor information may be removed from some folders and/or files.

This behavior can occur if the MFT (Master File Table) exceeds 4 GB, or if more than 4,194,303 files exist on the volume.

This behavior can also occur if security descriptors do not conform exactly to the alignment convention for the NTFS file system security stream.

NOTE: See Chkdsk finds incorrect Security IDs after you restore or copy a lot of data.

Microsoft has release a hotfix to correct this problem behavior. See The CHKDSK utility incorrectly identifies and deletes in-use security descriptors in Windows 2000.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.